As the GetSharedDefaultFolder method description states:
This method is used in a delegation scenario, where one user has delegated access to another user for one or more of their default folders (for example, their shared Calendar folder).
Is there a way to get shared calendar appointment items without being a delegate of the person?
For example, I could do an File -> Open -> Open User's Folder to see people's busy/free status for about anyone or mail box. But apparently this permission level won't enable the GetSharedDefaultFolder() method.
You can use Recipient.GetFreeBusy or AddressEntry.FreeBusy in this scenario.
Related
Consider the following scenario:
Sombody shared a calendar with me. I have full access to this calendar. When i delete an Item in the calendar the Folder.BeforeItemMove Event is fired. So far so good.
I want to Track deletion by check wether the MoveTo Entry id is null or the Entry id of the Application.Session.GetDefaultFolder(Outlook.OlDefaultFolders.olFolderDeletedItems) which works.
Now back to the case where the item is in a shared folder:
As per documentation the Property olFolderDeletedItems is a no go as parameter for GetSharedDefaultFolders() (Just to be sure i accessed the other folders which were allowed which worked)
I tried to Iterate over the Stores collection. No calendar there
I tried to Access the Store Property on the MoveTo folder -> null
I tried to get the Store from the Session (to inspect the PR_IPM_WASTEBASKET_ENTRYID) -> Fails
I CAN get the folder name Problem with this is , it might be renamed and/or localized and i do not want an array with all the deleted folder names floating around if i can't help it
I tested all of this using either plain OOM or redemptions Folder interface
Any Ideas?
(Tested in Outlook 2016)
RDOStore.GetDefaultFolder(olFolderDeletedItems) and RDOSession.GetSharedDefaultFolder(olFolderDeletedItems) both work in Redemption.
If you have access to the Calendar as a Shared Calendar (e.g. Sent as EMail invitation to you via the OWA) deleted Items go to YOUR deleted items Folder. This you can get via
Application.Session.GetDefaultFolder(Outlook.OlDefaultFolders.olFolderDeletedItems)
If the Calendar is in a second mailbox in your profile the deleted item go to the deleted items folder of THAT account which you can acces via
Outlook.Store _Store = MoveTo.Store;
Outlook.Folder _Folder = MoveTo.GetDefaultFolder (OlDefaultFolders.olFolderDeletedItems) as Outlook.Folder;
You can differntiate these two scenarios by Checking if the Folder.Store is null (which it is in the case of an Shared non mailbox calendar)
I'm building a business app where read and write access permissions are important.
The project is a Provider hosted MVC 5 / SharePoint app built in Visual Studio 2012.
Johnny needs to be able to Read and Write content on SharePoint App A AND SharePoint App B
Dave needs to only be able to Read content on SharePoint App A
I've looked over a lot of documentation including this tutorial:
http://www.itunity.com/article/sharepoint-permissions-manage-access-sql-data-709
The problem is if I give Dave Read access at the site level he is allowed to access SharePoint App A but also SharePoint App B.
How do I effectively use SharePoint permissions to stop this unintended behaviour?
Should I even be using SharePoint permissions?
2nd example:
I am building an app for project management, there will be an Engineer who is able to create, read and edit projects, there is also an Accountant who views the projects billables.
If I give Read permissions to Engineer and Read permissions to Accountant, how do I know which can view the project details and which can view the project's billables?
I read the article you linked to, and I am not sure that this is "authorization", the right word is "authentication", in sharepoint you set what a user can do, authorization means- which data user can read or write
so a simple solution for you is creating Group in sharepoint, for any authorization type you have, for example, a group called "Engineer", and gives it the permissions you need, your engineers will be members in this group.
in your MVC attribute, accept the group as parameter and check if user is member in this group, show the user the relevant data according to its group
public SharePointPermissionsAuthorizationAttribute( params string group) { _groups = groups; }
[SharePointEffectivePermissionsFilter("Engineer"]
public ActionResult Index() { ... } }
I use the .Net API for managing my organization's users within Google Apps. Within the directory API you can "RetrieveUser". This returns a User object that has a date property of "LastLoginTime".
Google used to separate out their Last Login Time for an account into three categories using the previous api.
last_login_time - the last time you directly logged into a google service using a UI
last_web_mail_time - the last time you logged into gmail.com webmail
last_pop_time - the last time you popped or imap'ed from their server. (indirect login)
In the new SDK, I don't see a specific "How we populate this" comment within their documentation. I'm wondering, and having trouble testing to figure out the rules myself:
How this is populated?
If it is not all encompassing usage that updates this date (usage meaning ANY interaction between the user and their account), how do I get other dates?
I use the last usage date to recycle idle users. Thus I need an accurate representation of what this date is. I've tested, and it appears popping from a google account is not represented within the SDK LastLoggedIn property, even though you need to log in to pop. Thus, any user that pops from the account and doesn't "Log In" could be deleted by accident.
API Reference
Appreciate any help.
These three (And more) properties still exist, just not attached to the "LastLoginTime". If you want to know if an account is truly idle, you'll need to use the Google.Apis.Admin.Reports.reports_v1 API. You can install via NuGet.
After you make your service object (Many stack answers can show you how to do this), usage is below:
UserUsageReportResource resource = _service.UserUsageReport;
UserUsageReportResource.GetRequest request = resource.Get("User#domain.ca", "yyyy-mm-dd");
UsageReports report = request.Execute();
All the interaction dates will need to be searched through, including LastLoginTime, and then take the latest. Each application has different dates all pertaining to when the last time the user did X action.
LastLoginTime appears to be simply the last time a user directly, or indirectly (via device), logged into the Gmail service. This does not include logging in for pop etc.
I am working on an outlook plugin. I want to give my manager reviewer permission to see my custom calendar (not the main Outlook Calendar) which I create programmatically.
My manager should be able to view my custom calendar programmatically.
I have given reviewer permission to my manager.
As of now, I don't know of any way where he can directly access my custom calendar programmatically. My custom calendar is at the same level as the main calendar.
A code like the following will not solve my purpose.
Outlook.Recipient oRecip = (Outlook.Recipient)oNS.CreateRecipient(userName);
Outlook.MAPIFolder usersCalendarFolder =
(Outlook.MAPIFolder) oNS.GetSharedDefaultFolder(oRecip,
Outlook.OlDefaultFolders.olFolderCalendar)
As this is to get my root calendar only.
And I dont want to give reviewer permission on my root folder. i.e. just "reviewer" permission on the custom calendar.
Do we have a way to achieve what I need?
Only Outlook's default folders for each item type can be accessed using GetSharedDefaultFolder. If you need to share any other folder that you've created manually, you'll have to share your entire Mailbox so that they can open it as an additional Mailbox in their Outlook profile or add it as a separate account.
I have an existing community backend and I like to use Umbraco for my presentation layer. How can I implement login/logout with .Net forms authentication? (I don't want to use the Member functionality). I have different type of users that get's access to different type of pages. How can I control this? User control?
Umbraco uses the ASP.NET member / role provider model for it's membership system, and it's a pretty straightforward step to swap the default one out for your own implementation. I've done this in the past where I wanted to authenticate members against an Active Directory store but I can't imagine it being much more difficult to authenticate against a custom database.
The benefit from this is you get full integration with the Umbraco membership system, and by using a custom role provider, editors will be able to restrict pages using the built in page-editing facilities as opposed to you having to hook in your own security controls.
You should be able to create a simple membership provider by extending the UmbracoMembershipProvider class and overriding the ValidateUser method. I haven't done this myself, but I know of others who have.
To authenticate against a custom role provider, you'll need to create a class derived from RoleProvider. The methods you'll be interested in overriding are - IsUserInRole, FindUsersInRole, GetAllRoles and GetRolesForUser.
Here's a link to a Scott Guthrie blog post which has more information on the provider API than you'll ever need to know, including the source code for the default providers.
I've used two approaches on my umbraco sites. Both approaches include user controls for login and logout that are responsible for authenticating a user with a custom solution and clearing credentials respectively. I also add, for both approaches, an umbracoMembersOnly attribute to any document types that I want to protect.
In the first approach, I had each individual template check to see whether or not the user was restricted from access. To abstract this, I created a siteuser class with an isMember or isLoggedIn method that was available site-wide and could be called from either an XSLT or User Control macro. The benefit to this approach is that I could tailor custom messages on each template rather than merely providing the same access denied page.
The second approach - which is the one I favor now - if to create a Permissions macro that is responsible for checking the user's right to access any page (i.e. checks for an umbracoMembersOnly attribute and, if true, checks for a session variable). This macro gets included in the master template, and so executes on every template. If the user doesn't have permission to access the current page, I redirect to the same page but with an ?alttemplate=RestrictedPage or similar appended to the query string. (Make sure that your Permissions macro checks for an alttemplate=RestrictedPage in the query string, or you'll end up in an infinite loop of redirects.)
You can checkout http://osMemberControls.codeplex.com